﻿<?php
require_once './include/common.php';
$title="用户登录";
include ('include/head.php');
$ex='<div class="header"><ul class="nav nav-pills pull-right" role="tablist"><li role="presentation" class="active"><a href="index.php">首页</a></li><li role="presentation"><a href="login.php">会员登录</a></li><li role="presentation"><a href="reg.php">注册</a></li></ul><h3 class="text-muted" align="left">登陆失败</h3></div><hr><h3>登陆失败！！</h3>';

if($_GET['action'] == "logout"){
    setcookie("w_user", "", time()-3600*24*30);
    setcookie("w_userid", "", time()-3600*24*30);
    echo <<<HTML
	 <div class="header">
        <ul class="nav nav-pills pull-right" role="tablist">
          <li role="presentation" class="active"><a href="index.php">首页</a></li>
          <li role="presentation"><a href="index.php?action=my">用户中心</a></li>
          <li role="presentation"><a href="login.php?action=logout">退出</a></li>
        </ul>
        <h3 class="text-muted" align="left">注销登录</h3>
      </div><hr><h3>注销登录</h3>退出成功，3秒后自动跳转...<br>若无法跳转请<a href="index.php">点击这里</a><meta http-equiv="refresh" content="3;url=index.php">
HTML;
	include ('include/foot.php');
    exit;
}

if(isset($_POST['username'])&&isset($_POST['password'])){
	if(!isset($_POST['submit'])){
		echo $ex.'非法访问!';
		include ('include/foot.php');
		exit;
	}
	$username = daddslashes($_POST['username']);
	$pwd = md5(daddslashes($_POST['password']));

	$sql = "SELECT username FROM w_user where username='{$username}'";
	$sth = $db->query($sql);
	if(!$sth->fetch()){
		echo $ex.'用户名不存在!<a href="reg.php">点击注册</a>';
		include ('include/foot.php');
		exit;
	}
	
	$sql = "SELECT pwd FROM w_user where username='{$username}'";
	$sth = $db->query($sql);
	$res=$sth->fetch();
	if($res[pwd]!=$pwd){
		echo $ex.'密码错误!';
		include ('include/foot.php');
		exit;
	}
	
	//检测用户名及密码是否正确
	$sql = "SELECT id FROM w_user where username='{$username}' and pwd='{$pwd}' limit 1";
	$sth = $db->query($sql);

		//登录成功
	if($result = $sth->fetch()){
		$cok=daddslashes($_POST['cok']);
		setcookie("w_user", "$username", time()+$cok);
		setcookie("w_userid", userid($username,$key,$pwd), time()+$cok);
		echo <<<HTML
		<div class="header">
        <ul class="nav nav-pills pull-right" role="tablist">
          <li role="presentation" class="active"><a href="index.php">首页</a></li>
          <li role="presentation"><a href="login.php">会员登录</a></li>
          <li role="presentation"><a href="reg.php">注册</a></li>
        </ul>
        <h3 class="text-muted" align="left">登录成功</h3>
      </div><hr><h3>登录成功</h3>登录成功，3秒后自动跳转...<br />若无法跳转请<a href="index.php?action=index">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php?action=index">
HTML;
		include ('include/foot.php');
		exit;
	} else {
		echo $ex.'登录失败！点击此处 <a href="login.php">返回</a> 重试';
		include ('include/foot.php');
		exit;
	}
}else{
	if(isset($_COOKIE['w_user'])&&isset($_COOKIE['w_userid']))
	{
		echo $ex.$_COOKIE['w_user'].'您已登陆!3秒后自动跳转...<br />若无法跳转请<a href="index.php?action=index">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php?action=index">';
		include ('include/foot.php');
		exit;
	}else{
	echo <<<HTML
    <div class="header">
        <ul class="nav nav-pills pull-right" role="tablist">
          <li role="presentation" class="active"><a href="index.php">首页</a></li>
          <li role="presentation"><a href="login.php">会员登录</a></li>
          <li role="presentation"><a href="reg.php">注册</a></li>
        </ul>
        <h3 class="text-muted" align="left">用户登录</h3>
     </div><hr>
	 <h3 class="form-signin-heading">登录帐号</h3>
	 <form action="login.php" class="form-sign" method="post">
	 用户名<br>
	 <input type="text" class="form-control" name="username" value="{$_GET['user']}"><br>
	 密码<br>
	 <input type="password" class="form-control" name="password" value=""><br>
	 登录状态<br>
	<select class="form-control" name="cok" ivalue="3600">
	<option value="3600" selected="selected">保存1小时</option>
	<option value="86400">保存1天</option>
	<option value="864000">保存10天</option>
	<option value="2592000">保存1个月</option>
	</select><br>
	 <input type="submit" class="btn btn-primary btn-block" name="submit" value="点击登录"><br>
	 <a href="reg.php" class="btn btn-default btn-block">还没有用户?免费注册</a></form>
HTML;
}
}
include ('include/foot.php');
?>
<BODY background="http://xinshi.qiniudn.com/BJ-qingxiu-2.jpg">
<body  background="http://zz.qqh.pw/1234.jpg"></body>